Cross-Site Request Forgery Vulnerabilities in IBM InfoSphere Master Data Management Server
CVE-2014-0873

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Server
Vendor: CVE Published:; 16 March 2014

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities exist in IBM InfoSphere Master Data Management (MDM) Server across various versions. These vulnerabilities enable remote attackers to hijack user authentication, compromising the security of user accounts and the application. Users who interact with affected components such as Data Stewardship, Business Admin, and Product interfaces could be at risk if they are tricked into submitting unauthorized requests. Updates and mitigations are recommended to protect systems and sensitive data.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21666462

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/90994

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 16, 2014
Vulnerability Reserved
Jan 6, 2014